View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Next on Network Rail’s IT Shopping List: A Crypto Key Management System

Network Rail estimates that it will spend up to £2 billion on IT by 2030. It's latest requirement: a national crypto key management system

By CBR Staff Writer

Network Rail’s sweeping digitalisation programme continues to throw up major IT contract opportunities.

The latest: a £6 million contract for a cryptographic key management system, to help secure railway communications.

(The state-run railway infrastructure manager estimates that it will spend up to £2 billion on IT by 2030).

Network Rail is in the early days (a “prior call for competition”) of seeking a partner to provide the services.

It estimates a two-year design and implementation phase, plus a potential 15 years of support and licencing.

Demand for the secure communications infrastructure comes amid a huge nationwide shift to digital signalling and communications systems across the UK’s railways.

Over half of Britain’s analogue signalling systems will need to be replaced within the next 15 years, in the biggest rail infrastructure shift since the 1960s’ shift from coal to diesel.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Network Rail Cryptographic Key Request: What’s Needed?

Cryptographic keys are required by each European Train Control System (ETCS) Radio Block Centre (RBC) and each ETCS On Board Unit (OBU) to communicate over rail’s “GSM-R” network securely.

“The supplier will be required to provide and implement an efficient and intuitive National Online Key Management System (OKMS) which will generate, store, manage, distribute, archive and delete software cryptographic keys for the UK railway”, Network Rail said.

The system will also support offline key distribution by allowing encrypted keys to be sent via a variety of methods including physical media, email and remote download, Network Rail added.

This will include software and hardware for online and offline distribution, public key infrastructure to enable online distribution of authentication keys (KMACs) via GPRS and FTNx and “provide the opportunity to use the PKI system for other functionality.”

A disclaimer: “Interested parties are advised that Network Rail do not currently have budget approval for this scope of work, this procurement process will generate a cost which will be presented to the sponsor to secure Investment Panel approval before any contract can be awarded.”

Expressions of interest need to be in by June 22.

See also: EXCLUSIVE: GCHQ, NSA Still Using Punched Paper Tape to Produce Crypto Keys

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.